April 07, 2014 10:00AM
Staying ahead of OpenSSL vulnerabilities
Today a new vulnerability was announced in OpenSSL 1.0.1 that allows an attacker to reveal up to 64kB of memory to a connected client or server (CVE-2014-0160). We fixed this vulnerability last week before it was made public....
March 11, 2014 5:00PM
The Web's Silver Jubilee
No matter what your age, it's hard to believe that the World-Wide Web is 25 today. For the young the web has always been part of their lives, for the older it seems like it was invented only yesterday....
March 10, 2014 4:30PM
ECDSA: The digital signature algorithm of a better internet
This blog post is dedicated to the memory of Dr. Scott Vanstone, popularizer of elliptic curve cryptography and inventor of the ECDSA algorithm. He passed away on March 2, 2014....
February 14, 2014 1:00AM
Introducing Strict SSL: Protecting Against a On-Path Attack on Origin Traffic
At CloudFlare, we are always looking for ways to improve the security of our customers’ websites. One of the features we provide is the ability to serve their website encrypted over SSL/TLS....
December 26, 2013 5:00PM
Using CloudFlare to mix domain sharding and SPDY
Speed & Reliability
It’s common knowledge that domain sharding, where the resources in a web page are shared across different domains (or subdomains), is a good thing....
November 21, 2013 9:00AM
Red October: CloudFlare’s Open Source Implementation of the Two-Man Rule
At CloudFlare, we are always looking for better ways to secure the data we’re entrusted with. This means hardening our system against outside threats such as hackers, but it also means protecting against insider threats....